Manager Data Protection at Family Bank Ltd

Manager Data Protection at Family Bank Ltd.

Manager Data Protection at Family Bank Ltd

Family Bank (formely Family Finance Building Society) was registered as a Building Society in October 1984 in Kenya, under the Building Societies Act and commenced operations in the early 1985. Family Bank converted into a fully fledged bank in May 2007 and the main driver for our conversion was the need to offer a wider range of products and services

Manager Data Protection

Job Purpose:

To oversee the Bank’s data protection strategy, implementation of data protection principles and ensuring effective compliance across the Bank.

Key Responsibilities:

  • Align the Bank’s processes, policies and contracts with the provisions of the Data Protection Act, 2019 and respective regulations.
  • Carry out a Bank wide gap analysis on compliance with Data Protection Act 2019 and respective regulations.
  • Oversee development and review of policies, procedures and guidelines to facilitate implementation of Data Protection Laws and Regulations.
  • Act as the primary point of contact within the Bank for members of staff, regulators, and any relevant data protection authorities.
  • Act as the custodian of data protection documentation and reporting requirements, including records of processing activities, data protection impact assessments, data incident records and data breach reporting, and conduct periodic compliance assessments of these.
  • Evaluate the existing data protection framework and identify areas of non or partial compliance and rectify any issues.
  • As the expert in data protection, be the key source of information in the Bank on Data Protection and also create awareness across the Bank on data protection matters.
  • Act as the key business adviser to the Bank staff on any matters in relation to data protection compliance.
  • Conduct regular assessment to ensure the Bank’s compliance with the data protection Act 2019 and Regulations.
  • Advise staff in relation to data subject access requests and support the teams to provide responses.
  • Identify and evaluate the Bank’s data processing activities and keep the Bank’s data processing inventory updated at all times.
  • Act as the key contact person to data subjects by informing them about how their personal data is being used and what measures the Bank has put in place to protect their data.
  • Offer consultation on how to deal with privacy breaches.
  • Work collaboratively and proactively with the legal and compliance team in relation to data protection issues.
  • Inform and advise the Data Controller or Data Processor on all matters related to data protection.
  • Perform other related duties as emanates from the post, as and when assigned by the Supervisor.

The Person:

The ideal candidate must possess the following:


  • Degree in either Information Technology, Legal, Risk Management or other related fields
  • Hold at least one Data Protection and/or Privacy certification
  • Professional certifications such as CPA, CISA, CRISC, will be added advantage.
  • Minimum of 6 years’ experience within a Risk, Compliance or Legal function, with experience in Privacy Compliance.
  • Experience in Data Privacy laws within the region and/or EU Data Privacy laws will be an added advantage.

Key Competencies and Attributes


  • Excellent communication skills both written and oral.
  • Ability to establish and maintain trust credibility as well as maintaining high levels of confidentiality.
  • Must be a person of impeccable integrity.
  • Able to work under pressure and meet deadlines.
  • Proficient in the use of Microsoft Office products as well data analytics tools.
  • Creativity and innovation skills, with ability to use technology and other modern tools to drive decision making and implementation.
  • Strong analytical skills with the ability to understand complex information and communicate this in a non-specialist format to the wider business.
  • Personal motivation and drive exhibited through commitment to hard work, continuous improvement, and achievement of goals.
  • Excellent interpersonal skills.
  • Risk awareness and focus to demonstrate an understanding of risk management practices and standards.
  • Effective stakeholder management.
  • Creativity and innovative.

Method of Application

ALL applicants MUST apply online to the email;; closing date is 2nd November 2023. Canvassing will automatically disqualify the candidate. Only shortlisted candidates will be contacted.